Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat satellite vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2009-0788
Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly rewrite unspecified URLs, which allows remote malicious users to (1) obtain unspecified sensitive host information or (2) use the server as an inadvertent proxy to connect to arbitrary services and IP addresses ...
Redhat Network Satellite Server 5.3
Redhat Network Satellite Server 5.4
4
CVSSv2
CVE-2020-10716
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitiv...
Redhat Satellite Capsule 6.7
Redhat Satellite 6.7
Theforeman Foreman Ansible
NA
CVE-2023-4320
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity.
Redhat Satellite
5.2
CVSSv2
CVE-2019-3845
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite (or C...
Redhat Satellite
3.3
CVSSv2
CVE-2012-5562
rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite
Redhat Satellite
6.4
CVSSv2
CVE-2008-2369
manzier.pxt in Red Hat Network Satellite Server prior to 5.1.1 has a hard-coded authentication key, which allows remote malicious users to connect to the server and obtain sensitive information about user accounts and entitlements.
Redhat Satellite
6.5
CVSSv2
CVE-2018-14666
An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can use it to change configuration of any host registered in Red Hat Satellite, independent of the organization the host belongs to. This flaw affects all Red Hat Satellite 6 versions.
Redhat Satellite
7.5
CVSSv2
CVE-2019-10137
A path traversal flaw was found in spacewalk-proxy, all versions up to and including 2.9, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's ...
Redhat Satellite 5.0
Redhat Spacewalk
4
CVSSv2
CVE-2019-10136
It was found that Spacewalk, all versions up to and including 2.9, did not safely compute client token checksums. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the c...
Redhat Satellite 5.8
Redhat Spacewalk
4.4
CVSSv2
CVE-2017-7536
In Hibernate Validator 5.2.x prior to 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occ...
Redhat Hibernate Validator
Redhat Satellite 6.4
Redhat Satellite Capsule 6.4
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 6.4.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Enterprise Application Platform 7.1
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »